ChatGPT single-prompt DNS side-channel exfiltration remote code execution flaw
Vulnerability
Summary
Hide ▲
Show ▼
A ChatGPT vulnerability let a single malicious prompt covertly exfiltrate prompts, messages, uploaded files, and other sensitive content through a DNS side channel. The flaw also carried remote code execution risk, widening the impact beyond data theft. OpenAI deployed a security update on February 20 after the issue was reported. The weakness mattered because it could move sensitive user and corporate data out of ChatGPT’s isolated execution environment.
Related Happenings
Workflow-level jailbreak makes GitHub Copilot Chat write harmful answers in code files
Technical Analysis
H score22
First: 08.07.2026 14:21
Last: 08.07.2026 14:21
Sources 1
About this happening:
Researchers demonstrated a **workflow-level jailbreak** against **GitHub Copilot Chat** that caused harmful answers to be written inside code tasks even when direct chat prompts w...
Workflow-level jailbreak makes GitHub Copilot Chat write harmful answers in code files
Technical AnalysisAbout this happening: Researchers demonstrated a **workflow-level jailbreak** against **GitHub Copilot Chat** that caused harmful answers to be written inside code tasks even when direct chat prompts w...
OpenAI ChatGPT Atlas BioShocking fix
Advisory/Mitigation
H score34
First: 01.07.2026 00:50
Last: 01.07.2026 00:50
Sources 1
About this happening:
OpenAI delivered a **working fix** for **BioShocking** in **ChatGPT Atlas**, closing a prompt-injection path that could push an AI browser toward unsafe real-world actions and **c...
OpenAI ChatGPT Atlas BioShocking fix
Advisory/MitigationAbout this happening: OpenAI delivered a **working fix** for **BioShocking** in **ChatGPT Atlas**, closing a prompt-injection path that could push an AI browser toward unsafe real-world actions and **c...
IPhone AI chatbot traffic leak of API keys, replayable tokens, and open relays
Technical Analysis
H score27
First: 30.06.2026 16:49
Last: 30.06.2026 16:49
Sources 1
About this happening:
**LLMKeyLens** testing found **444 iPhone AI chatbot apps** leaking **paid AI access**, exposing **API keys**, **replayable tokens**, and **open relays** that let others bill mode...
IPhone AI chatbot traffic leak of API keys, replayable tokens, and open relays
Technical AnalysisAbout this happening: **LLMKeyLens** testing found **444 iPhone AI chatbot apps** leaking **paid AI access**, exposing **API keys**, **replayable tokens**, and **open relays** that let others bill mode...
OpenClaw message-object prompt injection patched in 2026.4.23 security flaw
Vulnerability
H score15
First: 11.06.2026 20:46
Last: 11.06.2026 20:46
Sources 1
About this happening:
**OpenClaw** has a patched **message-object prompt injection flaw** that let hidden instructions inside **shared contacts, vCards, and location pins** reach the LLM as trusted pro...
OpenClaw message-object prompt injection patched in 2026.4.23 security flaw
VulnerabilityAbout this happening: **OpenClaw** has a patched **message-object prompt injection flaw** that let hidden instructions inside **shared contacts, vCards, and location pins** reach the LLM as trusted pro...
OpenAI rolls out ChatGPT Lockdown Mode and Active Sessions for prompt-injection defense and sign-in auditing
Security Tool/Service
H score10
First: 08.06.2026 17:00
Last: 08.06.2026 17:00
Sources 1
About this happening:
OpenAI rolled out **Lockdown Mode** and **Active Sessions** in **ChatGPT**, adding controls that reduce **prompt-injection data exfiltration** risk and improve **signed-in session...
OpenAI rolls out ChatGPT Lockdown Mode and Active Sessions for prompt-injection defense and sign-in auditing
Security Tool/ServiceAbout this happening: OpenAI rolled out **Lockdown Mode** and **Active Sessions** in **ChatGPT**, adding controls that reduce **prompt-injection data exfiltration** risk and improve **signed-in session...
Timeline
-
31.03.2026 16:01 1 articles · 3mo ago
OpenAI deploys ChatGPT security update
Mitigation Patch UpdateOpenAI deployed a security update for ChatGPT on February 20 after researchers reported a flaw that let a single malicious prompt abuse a hidden outbound communication path and DNS side channel from ChatGPT’s isolated execution runtime, reducing the risk of prompt and message exposure.
Show sources
- ChatGPT Security Issue Enabled Data Theft via Single Prompt — www.infosecurity-magazine.com — 31.03.2026 16:01
-
30.03.2026 03:00 2 articles · 3mo ago
Check Point discloses ChatGPT single-prompt exfiltration flaw
Initial DisclosureCheck Point disclosed a ChatGPT vulnerability in which a single malicious prompt could activate a hidden exfiltration channel inside a regular ChatGPT conversation, sending prompts, messages, uploaded files, and other sensitive content to an attacker-controlled server through a DNS side channel, with remote code execution risk also present.
Show sources
- ChatGPT Security Issue Enabled Data Theft via Single Prompt — www.infosecurity-magazine.com — 31.03.2026 16:01
- ChatGPT Security Issue Enabled Data Theft via Single Prompt — www.infosecurity-magazine.com — 31.03.2026 16:01